Brazilian officials are disputing the claim by "60 Minutes" and others that a blackout in 2007 was caused by computer hackers. Wired magazine's blog Threat Level, citing government and investigative sources, reports that the outage "was actually the result of a utility company's negligent maintenance of high voltage insulators on two transmission lines." Insulators hang from power lines and are prone to collect debris, which can cause power surges. In this case, officials say soot from nearby fires collected on the insulators.
Threat Level, which has long been skeptical of some of the more
extraordinary claims by U.S. officials about cyber threats to critical
infrastructure, spoke to the utility company involved in the blackout
and got a denial of any hacker involvement. The company "has no
knowledge of hackers acting in [the] power transmission system," TL
reported.
News of the "60 Minutes" piece hit the wires on Saturday, and over the
weekend, Brazilian government officials started batting down the story.
A senior homeland security official in Brazil told newspaper Folha de
S. Paulo that he had investigated the allegations of a hacker causing
the blackout and found no traces.
The official told the newspaper that "there is always the possibility"
that a hacker could take over a power substation, but because the
companies affected didn't have their systems directly connected to the
Internet, it would have been very difficult for a hacker to penetrate
their internal network.
However, the same official, in an earlier interview, confirmed that a
hacker based in an Eastern European country accessed a server connected
to a Brazilian ministry in 2008. The intruder locked officials out by
changing the password, and then demanded $350 million to release the
system. No one paid the ransom, the official said.
According to the Brazilian press, the power company denied any
knowledge of hackers in their system in 2007, and national power
authorities attributed the blackout to a "weather phenomenon" and
pollution buildup on the insulators. Brazil's electrical regulatory
agency ended up fining the power company $3.27 million, Threat Level
reported.
TL actually beat "60 Minutes" with the news that security experts think
computer hacking caused the Brazilian blackouts. In an interview,
former White House cyber security chief Richard Clarke said, "We can
look forward to the kind of things happening here that happened to
Brazil, where hackers successfully brought down the power." The TL
reporter noted that "Clarke is referring to veiled reports made last
year by the CIA's chief cybersecurity officer, Tom Donahue, that
extortionists had taken down the power grid in multiple regions outside
the United States. The location of those outages has never been
publicly identified."
In an email sent to me yesterday, TL's Ryan Singel criticized "60
Minutes" and other media for not reporting the Brazilian government's
non-cyber explanation for the blackout. I asked the reporter who
interviewed Clarke whether she had followed up on his claims when he
made them. I still haven't received a response, but I'll update that
here if I do. The piece ran on October 28.
The "60 Minutes" piece featured extensive quotes from Jim Lewis at the
Center for Strategic and International Studies, which produced a
lengthy report on cyber security for the Obama administration. I asked
Lewis what he thought of the Brazilian claims. "I can see why the
Brazilians would deny this," he said. "Their government may not even
know. But this happened whether they admit [it] or not."
Lewis and Clarke aren't the only ones to attribute the blackout to
cyber hackers. In 2007, a senior Defense Department official also said
in a little noticed speech, "Not long ago there was an attack on
Brazil's power grid, the SCADA network, which caused major
disruptions." SCADA, which stands for supervisory control and data
acquisition, refers to the devices that control electricity generation
systems.
